smtp setup and spam - SCO

This is a discussion on smtp setup and spam - SCO ; Hello, With the setup I use with SPF (around 15-20,000 emails per day to me or the aliases that come to me) and ... postfix or sendmail, sometimes exim amavis-new spamassassin python-pydns python-pydspam python-pyspf python-pygossip python-pysrs About 85% of emails ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: smtp setup and spam

  1. smtp setup and spam

    Hello,

    With the setup I use with SPF (around 15-20,000 emails per day to me
    or the aliases that come to me) and ...

    postfix or sendmail, sometimes exim
    amavis-new
    spamassassin
    python-pydns
    python-pydspam
    python-pyspf
    python-pygossip
    python-pysrs

    About 85% of emails are rejected before the smtp data stage saving a lot
    of more expensive resources.

    Once through the above I get 4-5 emails that are not taged that are spam
    and 2-3 false positives. My data basis are trained and I use razor.
    The below is from a header that has been through spamassassin and marked
    as spam.


    1.4 MSGID_FROM_MTA_ID Message-Id for external message added locally
    0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay
    lines
    3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
    [score: 1.0000]
    1.5 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
    above 50%
    [cf: 100]
    0.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
    0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
    [cf: 100]
    1.6 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
    [Blocked - see
    ]
    3.9 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
    [220.92.37.23 listed in sbl-xbl.spamhaus.org]
    1.6 URIBL_SBL Contains an URL listed in the SBL blocklist
    [URIs: conitaf.com.cn]
    3.0 URIBL_OB_SURBL Contains an URL listed in the OB SURBL
    blocklist

    It is then run through sa-learn to report it and auto deleted. The IP
    that the email came from reputation is then dinged for the spam. The same
    applies for a valid email. Domains and IP addresses are blacklisted at
    certain levels. This is all configurable. So I really recommend these
    tools.


    --
    Boyd Gerber
    ZENEZ 1042 East Fort Union #135, Midvale Utah 84047

  2. Re: smtp setup and spam

    On 6 Mar, 08:25, Boyd Lynn Gerber wrote:
    > Hello,
    >
    > With the setup I use with SPF (around 15-20,000 emails per day to me
    > or the aliases that come to me) and ...
    >
    > postfix or sendmail, sometimes exim
    > amavis-new
    > spamassassin
    > python-pydns
    > python-pydspam
    > python-pyspf
    > python-pygossip
    > python-pysrs
    >
    > About 85% of emails are rejected before the smtp data stage saving a lot
    > of more expensive resources.
    >
    > Once through the above I get 4-5 emails that are not taged that are spam
    > and 2-3 false positives. *My data basis are trained and I use razor.
    > The below is from a header that has been through spamassassin and marked
    > as spam.
    >
    > 1.4 MSGID_FROM_MTA_ID * * *Message-Id for external message added locally
    > *0.0 UNPARSEABLE_RELAY * * *Informational: message has unparseablerelay
    > lines
    > *3.5 BAYES_99 * * * * * * * BODY: Bayesian spam probability is 99 to 100%
    > * * * * * * * * * * * * * * [score: 1.0000]
    > *1.5 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
    > * * * * * * * * * * * * * * above 50%
    > * * * * * * * * * * * * * * [cf: 100]
    > *0.5 RAZOR2_CHECK * * * * * Listed in Razor2 (http://razor.sf.net/)
    > *0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
    > * * * * * * * * * * * * * * [cf: 100]
    > *1.6 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
    > * * * * * * * * [Blocked - see
    > ]
    > *3.9 RCVD_IN_XBL * * * * * *RBL: Received via a relay in Spamhaus XBL
    > * * * * * * * * * * * * * * [220.92.37.23 listed in sbl-xbl.spamhaus.org]
    > *1.6 URIBL_SBL * * * * * * *Contains an URL listed in the SBL blocklist
    > * * * * * * * * * * * * * * [URIs: conitaf.com..cn]
    > *3.0 URIBL_OB_SURBL * * * * Contains an URL listed in the OB SURBL
    > blocklist
    >
    > It is then run through sa-learn to report it and auto deleted. *The IP
    > that the email came from reputation is then dinged for the spam. *The same
    > applies for a valid email. *Domains and IP addresses are blacklisted at
    > certain levels. *This is all configurable. *So I really recommend these
    > tools.


    For more individualized and even more effective spam blocking, you
    might look at CRM114 over at Sourceforge. Some spammers tune their
    spam to get past Spamassassin, but they haven't had much luck yet with
    crm114.

+ Reply to Thread